ibm
8,286 tracked vulnerabilities.
CVE-2023-37411
MEDIUM
IBM Aspera Faspex 5.0.0-5.0.6 - Stored Cross-Site Scripting in Web UI
May 28, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-47710
MEDIUM
IBM Security Guardium 11.4, 11.5, and 12.0 - Stored Cross-Site Scripting
May 24, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-47717
MEDIUM
IBM Security Guardium 12.0 - Denial of Service
May 16, 2024
CVSS 4.4
EPSS 0.00
CVE-2023-47712
HIGH
IBM Security Guardium 11.3-12.0 - Privilege Escalation via Improper Permissions Control
May 14, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-47711
LOW
IBM Security Guardium 11.3-12.0 - Authenticated Denial of Service via File Upload
May 14, 2024
CVSS 2.7
EPSS 0.01
CVE-2023-47709
CRITICAL
IBM Security Guardium 11.3-12.0 - Authenticated OS Command Injection
May 14, 2024
CVSS 9.1
EPSS 0.01
CVE-2023-43040
MEDIUM
IBM Spectrum Fusion HCI 2.5.2-2.7.2 - Privilege Escalation
May 14, 2024
CVSS 6.5
EPSS 0.03
CVE-2023-38264
MEDIUM
IBM SDK Java 7.1.0.0-7.1.5.21 & 8.0.0.0-8.0.8.21 - DoS via ORB Deserialization Filter Bypass
May 14, 2024
CVSS 5.9
EPSS 0.01
CVE-2023-40694
MEDIUM
IBM Watson CP4D Data Stores <4.9 - Info Disclosure
May 07, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-27283
MEDIUM
IBM Aspera Orchestrator 4.0.1 - Info Disclosure
May 04, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-40695
MEDIUM
IBM Cognos Controller <11.0.0 - Privilege Escalation
May 03, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-40696
MEDIUM
IBM Cognos Controller - Info Disclosure
May 03, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-38724
MEDIUM
IBM Cognos Controller <11.0.0 - SQL Injection
May 03, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-28952
MEDIUM
IBM Cognos Controller <11.0.0 - Command Injection
May 03, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-23474
LOW
IBM Cognos Controller 10.4.1, 10.4.2, 11.0.0 - Sensitive Information Exposure via Stack Trace
May 03, 2024
CVSS 3.7
EPSS 0.00
CVE-2023-37407
HIGH
IBM Aspera Orchestrator 4.0.1 - Authenticated OS Command Injection
May 03, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-47727
MEDIUM
IBM Cloud Pak for Security <1.10.11.0 & QRadar Suite Software <1.10...
May 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-38002
MEDIUM
IBM Storage Scale <5.1.9.2 - Privilege Escalation
Apr 30, 2024
CVSS 5.0
EPSS 0.00
CVE-2023-47731
MEDIUM
IBM Cloud Pak for Security 1.10.0.0-1.10.11.0 and QRadar Suite 1.10.12.0-1.10.19.0 - Stored Cross-Site Scripting
Apr 23, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-37397
LOW
IBM Aspera Faspex 5.0.0-5.0.7 - Inadequate Encryption Strength
Apr 19, 2024
CVSS 3.6
EPSS 0.00
CVE-2023-27279
MEDIUM
IBM Aspera Faspex 5.0.0-5.0.7 - Denial of Service via Missing API Rate Limiting
Apr 19, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-37396
LOW
IBM Aspera Faspex 5.0.0-5.0.7 - Sensitive Information Exposure via Improper Encryption
Apr 19, 2024
CVSS 2.5
EPSS 0.00
CVE-2023-22869
MEDIUM
IBM Aspera Faspex 5.0.0-5.0.7 - Sensitive Information Exposure in Log Files
Apr 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-37400
HIGH
IBM Aspera Faspex 5.0.0-5.0.7 - Privilege Escalation via Insecure Credential Storage
Apr 19, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-47714
MEDIUM
IBM Sterling File Gateway 6.0.0.0-6.0.3.9, 6.1.0.0-6.1.2.3, 6.2.0.0 - Cross-Site Scripting
Apr 12, 2024
CVSS 4.8
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters